I'm using the following code to try and do a simple insert query. However
it won't insert the data into the table, and I get no error messages. What
have I done wrong this time?
?php
session_start();
$connection = mysql_connect('localhost','yeah','right');
On Sat, Oct 18, 2008 at 3:22 AM, Frank Stanovcak
[EMAIL PROTECTED] wrote:
I'm using the following code to try and do a simple insert query. However
it won't insert the data into the table, and I get no error messages. What
have I done wrong this time?
You will be getting an error.
echo
Andy Pieters wrote:
Hi
Whilst you are searching the net, you might also want to search for 'sql
injection'. This is no joke!
Please use the mysql_escape_string on each variable you get from the user
side.
Use mysql_real_escape_string() instead.
--
PHP General Mailing List (http://www.php.net/)
All,
I have a form which submits technical requests. It worked fine on an
old linux box using Mysql 3 series but recently we switched to windows
2003 server SP1 using Mysql 4.1.10. It was doing this before the
service pack. I get the form values and then insert them into a table.
Sometimes it
Frank Miller wrote:
All,
I have a form which submits technical requests. It worked fine on an
old linux box using Mysql 3 series but recently we switched to windows
2003 server SP1 using Mysql 4.1.10. It was doing this before the
service pack. I get the form values and then insert them into a
Hi
Whilst you are searching the net, you might also want to search for 'sql
injection'. This is no joke!
Please use the mysql_escape_string on each variable you get from the user
side.
In your example
$Email = mysql_escape_string($_POST['Email']);
$Phonenumber =
On Fri, 15 Apr 2005, Frank Miller wrote:
All,
I have a form which submits technical requests. It worked fine on an
old linux box using Mysql 3 series but recently we switched to windows
2003 server SP1 using Mysql 4.1.10. It was doing this before the
service pack. I get the form values and then
7 matches
Mail list logo
